Skip to content

Instantly share code, notes, and snippets.

@andrewkroh

andrewkroh/deprecated-integrations.md

Last active April 13, 2026 13:38
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save andrewkroh/7aa4b0d9d487400e1ca3bd0bdf00a4e1 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save andrewkroh/7aa4b0d9d487400e1ca3bd0bdf00a4e1 to your computer and use it in GitHub Desktop.
Download ZIP
Deprecated Fleet Integration Packages audit
Raw
deprecated-integrations.md

Deprecated Fleet Integration Packages

Deprecated Packages (by title)

Package Title format_version Kibana Condition Latest Version
bluecoat Blue Coat Director Logs (Deprecated) 2.7.0 ^7.14.1 || ^8.8.0 0.18.1
cylance CylanceProtect Logs (Deprecated) 2.7.0 ^8.13.0 || ^9.0.0 0.24.0
fortinet_forticlient Fortinet FortiClient Logs (Deprecated) 2.7.0 ^8.8.0 1.12.1
juniper_junos Juniper JunOS (Deprecated) 1.0.0 ^8.11.0 0.12.1
juniper_netscreen Juniper NetScreen (Deprecated) 1.0.0 ^8.11.0 0.12.1
log Custom Logs (Deprecated) 3.1.5 ^8.8.0 || ^9.0.0 2.4.4
netscout Arbor Peakflow SP Logs (Deprecated) 2.7.0 ^8.11.0 0.22.1
radware Radware DefensePro Logs (Deprecated) 2.7.0 ^8.8.0 0.20.1
tomcat Tomcat NetWitness Logs (Deprecated) 3.0.0 ^8.13.0 || ^9.0.0 1.14.0

Deprecated Data Streams (by title)

Package Data Stream Title
rapid7_insightvm asset Collect Asset logs from Rapid7 InsightVM (Deprecated)

Deprecated Streams / Inputs (by description)

Package Data Stream Input Type Stream Title Deprecation Note
cloudflare audit httpjson Cloudflare Audit logs Please disable this and use the v2 Cloudflare Audit logs input instead.
o365 audit o365audit DEPRECATED - Collect audit logs Please deactivate this option and instead use the one described above. This option collects audit logs using the Management Activity API through a deprecated method.
panw_cortex_xdr alerts httpjson Palo Alto Cortex XDR Alerts from v1 API - Deprecated This API is deprecated. Please use v2 API instead.
rapid7_insightvm asset httpjson Asset logs (Deprecated) Collect Asset logs via API.
ti_anomali threatstream http_endpoint Threat Indicators Deactivate this option and instead use the one described above. This option collects Anomali threat indicators from ThreatStream using Elastic Extension software which is deprecated.

Deprecated Policy Template Inputs (by title)

Package Policy Template Input Type Input Title
o365 o365 o365audit DEPRECATED - Collect audit logs
ti_anomali ti_anomali http_endpoint DEPRECATED - Collect Anomali threat indicators from ThreatStream using the Elastic Extension software

Notes

  • The deprecations table in the package spec is completely empty across all packages. No package uses the formal deprecation metadata field.
  • All deprecations are signaled through naming conventions (title/description containing "deprecated").
  • 6 of 9 deprecated packages use the non-standard kibana.version dotted key format, which is a known anti-pattern (elastic/package-spec#538).
  • juniper_junos and juniper_netscreen still use format_version: 1.0.0.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment